SharITSec

<style>/*<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2460228594947362&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-2460228594947362 -->

</head><body>*/</style>

Malware , Malware Analysis , News and Indicators - Latest topics

The Maximalism Trap: When More Becomes Too Much

Why more tools, more alerts, and more data aren’t making you any safer Introduction to Malware Binary Triage (IMBT) Course L...

Sp123 21 May, 2026

Malware , Malware Analysis , News and Indicators - Latest topics

SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer

Executive summary Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using c...

Sp123 21 May, 2026

Malware , Malware Analysis , News and Indicators - Latest topics

Fragnesia CVE-2026-46300: Linux Kernel LPE Vulnerability Explained

Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS...

Sp123 21 May, 2026

Malware , Malware Analysis , News and Indicators - Latest topics

Webinar - Beyond GeoIP: Stop Sanctioned-Region Logins, AML Fraud and Fake Hires

Detection of fraud, inappropriate logins, and compliance violations depends on knowing where traffic is actually originating fr...

Sp123 20 May, 2026

Malware , Malware Analysis , News and Indicators - Latest topics

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)

Introduction Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon ...

Sp123 20 May, 2026

Malware , Malware Analysis , News and Indicators - Latest topics

Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading

We came across fake Microsoft Teams distribution sites, shared on X platform back in mid April. The websites closely mimic the ...

Sp123 20 May, 2026

Malware , Malware Analysis , News and Indicators - Latest topics

From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat

Cisco Talos has uncovered a BadIIS variant — identifiable by its embedded "demo.pdb" strings — that functions as comm...

Sp123 19 May, 2026

<style>/*
<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/654365252-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AAVkm1vRvyTjIEensrzC6lPa-sg1:1779377380821';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d5925999397593177003','//www.sharitsec.eu.org/','5925999397593177003');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '5925999397593177003', 'title': 'SharITSec', 'url': 'https://www.sharitsec.eu.org/', 'canonicalUrl': 'https://www.sharitsec.eu.org/', 'homepageUrl': 'https://www.sharitsec.eu.org/', 'searchUrl': 'https://www.sharitsec.eu.org/search', 'canonicalHomepageUrl': 'https://www.sharitsec.eu.org/', 'blogspotFaviconUrl': 'https://www.sharitsec.eu.org/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': '', 'encoding': 'UTF-8', 'locale': 'en-GB', 'localeUnderscoreDelimited': 'en_gb', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22SharITSec - Atom\x22 href\x3d\x22https://www.sharitsec.eu.org/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22SharITSec - RSS\x22 href\x3d\x22https://www.sharitsec.eu.org/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22SharITSec - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/5925999397593177003/posts/default\x22 /\x3e\n', 'meTag': '\x3clink rel\x3d\x22me\x22 href\x3d\x22https://www.blogger.com/profile/08645900966523004369\x22 /\x3e\n', 'adsenseClientId': 'ca-pub-2460228594947362', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': true, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/66f339c43d4ec606', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'X', 'key': 'twitter', 'shareMessage': 'Share to X', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en_GB\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'index', 'pageName': '', 'pageTitle': 'SharITSec', 'metaDescription': 'Welcome to the website \x22sharitsec.eu.org\x22 a gathering place for information and learning news about hacking.'}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard', 'ok': 'Ok', 'postLink': 'Post link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': true, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'SharITSec', 'description': 'Welcome to the website \x22sharitsec.eu.org\x22 a gathering place for information and learning news about hacking.', 'url': 'https://www.sharitsec.eu.org/', 'type': 'feed', 'isSingleItem': false, 'isMultipleItems': true, 'isError': false, 'isPage': false, 'isPost': false, 'isHomepage': true, 'isArchive': false, 'isLabelSearch': false}}, {'name': 'widgets', 'data': [{'title': 'Pagination', 'type': 'HTML', 'sectionId': 'upload-image', 'id': 'HTML8'}, {'title': 'Template License', 'type': 'HTML', 'sectionId': 'upload-image', 'id': 'HTML7'}, {'title': 'Popular', 'type': 'PopularPosts', 'sectionId': 'upload-image', 'id': 'PopularPosts1', 'posts': [{'title': 'How CISOs Reduce Cyber Risk with MITRE ATT\x26CK', 'id': 3892716291153154997}, {'title': 'Community Bootcamp: Welcome to Silent Push Community', 'id': 8813338656031778982}, {'title': 'Windows updates and why pause forever is risky', 'id': 6839173597659951946}]}, {'title': 'Your Css', 'type': 'HTML', 'sectionId': 'upload-image', 'id': 'HTML9'}, {'title': 'About Me', 'type': 'Profile', 'sectionId': 'upload-image', 'id': 'Profile1'}, {'title': 'Your Javascript', 'type': 'HTML', 'sectionId': 'upload-image', 'id': 'HTML6'}, {'title': 'Google analytics', 'type': 'HTML', 'sectionId': 'upload-image', 'id': 'HTML5'}, {'title': 'Navbar Menu', 'type': 'HTML', 'sectionId': 'upload-image', 'id': 'HTML2'}, {'title': 'Icons, Dark, Search', 'type': 'LinkList', 'sectionId': 'header-main', 'id': 'LinkList10'}, {'title': 'Menu', 'type': 'LinkList', 'sectionId': 'header-main', 'id': 'LinkList11'}, {'title': 'Featured Post', 'type': 'FeaturedPost', 'sectionId': 'before-blog', 'id': 'FeaturedPost1', 'postId': '8091104560722514476'}, {'title': 'Blog Posts', 'type': 'Blog', 'sectionId': 'blog-post', 'id': 'Blog1', 'posts': [{'id': '8091104560722514476', 'title': 'The Maximalism Trap: When More Becomes Too Much', 'showInlineAds': false}, {'id': '3902940014403975763', 'title': 'SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer', 'featuredImage': 'https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ulZJmhBiX17WuhAip9DHR_n4r5iRWZb1j_SXVeGiTGG8dKBxft3nhy27rbUfikTUaO226UNps2HsVYduSvfsblrA1Wl3uMMO8UcnlfLlFGsAB7rctrJQwazhWsfi00rSr6iQNFl26Mh_XNv39sM7k9AKteGioZxIfqaSr0qYpWRityFw08wBRU2juErIftTSuFL2eXacgyLJdVJufNfqO2TUCsdJMIQv2hVdvsxoo8_CJbmk-029C_sQBy_LOj9ptmPQYrceFglHckN_Q7g3xDp-PIA95bHC2xahshpVUSAY0HATFPu0bxXbj9aFaYpcpVcdk3W0se_OK0-0btTS7Zs1GWZhrwlEHlrXlD', 'showInlineAds': false}, {'id': '1304302098045543991', 'title': 'Fragnesia CVE-2026-46300: Linux Kernel LPE Vulnerability Explained', 'featuredImage': 'https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_v369p-f-rqy_nBhRHJa3-3m9DvaWfksBKXtdwpxAaazLd0nY5QHIYGCDzkK6Kqwj2sbsfE_TM_i5xUzqXxhUaBsXBFnSJ12hCX8UholWA2anLo7FsXgD2ICvBsYmttucuqk8fjHHoo5faaNJk-bzKR7TpA4JG_hlg', 'showInlineAds': false}, {'id': '2569749441024751601', 'title': 'Webinar - Beyond GeoIP: Stop Sanctioned-Region Logins, AML Fraud and Fake Hires', 'showInlineAds': false}, {'id': '3676737766363317825', 'title': 'How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)', 'featuredImage': 'https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uvSV35fPzCvLKV2To1hoPJt-oQsWTHsGhk3rdfWNpivoFfXkZPsH2P7prOmb0NK84ki_YtamqM97wXXVdaLQKW4dtBi_sVqT5Ka8Qh37pNdDPvddioJV58hnHZE9RhUXthEb9AnPz0xNsrB1nsCV8ci-Umtdd_17HN4gmDQs79IVCqW9tZsmdmkXqIVDHtNhdwXwmz', 'showInlineAds': false}, {'id': '7263482810024809735', 'title': 'Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading', 'featuredImage': 'https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uXo99TUJGkY3ZTy44FzdNfzVKiNYzy0HtKqPMpaIaTaKT26d7BEEpe67NCB9_FtBM2rL8KEajn5irobUnIC1mXdLMafMggP6-cFRN8cAdOG38_11WBafdg8SvguFPXW_h3STiPSo3EcsMB6RVJ7K-B0AXqbFV4qN_S', 'showInlineAds': false}, {'id': '7383347216364414299', 'title': 'From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat', 'featuredImage': 'https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t6Kii731PPMdiqrIQb2X7pY8M4ao6Fy3hx0eyco-4rXn4tUTqZYpSP825cO06hRMb-OcZoOVlLP6bjM8CoycKwCrnO8VAX_2Qyqotj0gPD56lJY-Y_GejYyYwMeOlWmwUzr7682rBbhQ2H9_moLy_5nspyywYZzfi6rdyQwwtamgY-wIVX31Z5zig_NBA', 'showInlineAds': false}], 'headerByline': {'regionName': 'header1', 'items': [{'name': 'author', 'label': 'Posted by'}, {'name': 'timestamp', 'label': 'd MMM, yyyy'}, {'name': 'share', 'label': ''}]}, 'footerBylines': [{'regionName': 'footer2', 'items': [{'name': 'labels', 'label': 'Labels:'}]}], 'allBylineItems': [{'name': 'author', 'label': 'Posted by'}, {'name': 'timestamp', 'label': 'd MMM, yyyy'}, {'name': 'share', 'label': ''}, {'name': 'labels', 'label': 'Labels:'}]}, {'title': '#You may also like', 'type': 'HTML', 'sectionId': 'ads-post', 'id': 'HTML15'}, {'title': '', 'type': 'HTML', 'sectionId': 'sidebar-static', 'id': 'HTML25'}, {'title': 'Popular Posts', 'type': 'PopularPosts', 'sectionId': 'sidebar-static', 'id': 'PopularPosts10', 'posts': [{'title': 'Vulnerability in SzafirHost software', 'id': 6993347288155725942}, {'title': 'Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations', 'id': 2274560736102964999}, {'title': 'Pwn2Own Berlin 2026 - Day Two Results', 'id': 790708049061088463}, {'title': 'AI is distorting the Holocaust (Lock and Code S07E10)', 'id': 4744792215522332463}, {'title': 'Termite Ransomware Group Strikes Ramar Foods International', 'id': 5751578579940232296}, {'title': 'April 2026 Infostealer Trend Report', 'id': 7197958418333712290}, {'title': 'Why commercial cyber threat intelligence is failing defense operations', 'id': 7650837949776388705}, {'title': 'Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need', 'id': 1443115199566181911}, {'title': '\uacbd\ubd81 \uccad\ub3c4\uad70 \ub97c \ub178\ub9b0 \uae40\uc218\ud0a4(Kimsuky)\uc5d0\uc11c \ub9cc\ub4e0 \uc545\uc131\ucf54\ub4dc-\ub178X\uc815\ub2d8.jse', 'id': 2785800787743193392}, {'title': 'Cyble Named a Challenger in the Inaugural 2026 Gartner\xae Magic Quadrant\u2122 for Cyberthreat Intelligence Technologies', 'id': 7679365434825326738}]}, {'title': 'Archive', 'type': 'BlogArchive', 'sectionId': 'sidebar-static', 'id': 'BlogArchive10'}, {'title': '#Recent Post', 'type': 'HTML', 'sectionId': 'sidebar-static', 'id': 'HTML19'}, {'title': 'Copyright', 'type': 'HTML', 'sectionId': 'copyright', 'id': 'HTML23'}, {'title': 'SVG Icons', 'type': 'HTML', 'sectionId': 'jet-options', 'id': 'HTML24'}]}]);
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML8', 'upload-image', document.getElementById('HTML8'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML7', 'upload-image', document.getElementById('HTML7'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts1', 'upload-image', document.getElementById('PopularPosts1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML9', 'upload-image', document.getElementById('HTML9'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_ProfileView', new _WidgetInfo('Profile1', 'upload-image', document.getElementById('Profile1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML6', 'upload-image', document.getElementById('HTML6'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML5', 'upload-image', document.getElementById('HTML5'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML2', 'upload-image', document.getElementById('HTML2'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList10', 'header-main', document.getElementById('LinkList10'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList11', 'header-main', document.getElementById('LinkList11'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_FeaturedPostView', new _WidgetInfo('FeaturedPost1', 'before-blog', document.getElementById('FeaturedPost1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'blog-post', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false, 'lightboxEnabled': true, 'lightboxModuleUrl': 'https://www.blogger.com/static/v1/jsbin/1793375781-lbx__en_gb.js', 'lightboxCssUrl': 'https://www.blogger.com/static/v1/v-css/828616780-lightbox_bundle.css'}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML15', 'ads-post', document.getElementById('HTML15'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML25', 'sidebar-static', document.getElementById('HTML25'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts10', 'sidebar-static', document.getElementById('PopularPosts10'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogArchiveView', new _WidgetInfo('BlogArchive10', 'sidebar-static', document.getElementById('BlogArchive10'), {'languageDirection': 'ltr', 'loadingMessage': 'Loading\x26hellip;'}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML19', 'sidebar-static', document.getElementById('HTML19'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML23', 'copyright', document.getElementById('HTML23'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML24', 'jet-options', document.getElementById('HTML24'), {}, 'displayModeFull'));
</script>
</body>*/</style>